EUVD-2007-2421

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

PHP vulnerability in myGallery plugin allows remote code execution via the myPath parameter.

Reporter	Title	Published	Views	Family All 10
CVE	CVE-2007-2426	2 May 200700:00	–	cve
Cvelist	CVE-2007-2426	2 May 200700:00	–	cvelist
Tenable Nessus	myGallery mygallerybrowser.php 'myPath' Parameter Remote File Inclusion	30 Apr 200700:00	–	nessus
canvas	Immunity Canvas: MYGALLERY_REMOTE	2 May 200700:19	–	canvas
NVD	CVE-2007-2426	2 May 200700:19	–	nvd
Patchstack	WordPress myGallery Plugin <= 1.4 - Remote File Inclusion	1 May 200700:00	–	patchstack
Prion	Remote file inclusion	2 May 200700:19	–	prion
VulnCheck KEV	VulnCheck KEV: CVE-2007-2426	29 Apr 200700:00	–	vulncheck_kev
wpexploit	myGallery <= 1.4b4 - Unauthenticated File Inclusion	29 Apr 200700:00	–	wpexploit
WPVulnDB	myGallery <= 1.4b4 - Unauthenticated File Inclusion	29 Apr 200700:00	–	wpvulndb

[
  {
    "enisaIdVendor": [
      {
        "id": "9a15602c-e6c6-34c5-82d6-d8878482d963",
        "vendor": {
          "name": "n/a"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "793025bb-2cf1-3247-8130-7e21ef258592",
        "product": {
          "name": "n/a"
        },
        "product_version": "n/a"
      }
    ]
  }
]

Source	Link
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/33955
secunia	www.secunia.com/advisories/25042
exploit-db	www.exploit-db.com/exploits/3814
osvdb	www.osvdb.org/34356
vupen	www.vupen.com/english/advisories/2007/1582
securityfocus	www.securityfocus.com/bid/23702
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

6.2Medium risk

Vulners AI Score6.2

CVSS 27.5

EPSS0.02221

php vulnerability mygallery plugin remote code execution